On Monday, September 8th, we became aware of the Solana security incident. Blockdaemon's infrastructure, systems, and client assets have not been impacted by this incident and all our services are fully operational. 

‍

Out of an abundance of caution, and to ensure the continued security of our customers, we placed our Solana staking API into temporary maintenance mode while our security and engineering teams conducted a thorough review. Our review included all APIs, UIs, SDKs and container infrastructure and we have confirmed that Blockdaemon’s infrastructure and safeguards remain uncompromised.

‍

Separately, we are also investigating the unrelated widespread NPM vulnerability to assess any potential exposure within our environment. Our security and engineering teams conducted a thorough review to verify that there are no affected packages in any of Blockdaemon’s software.

‍

Blockdaemon’s architecture is designed to minimize risk exposure, with multiple layers of defense, independent security audits, and strict segregation of responsibilities across systems. Our priority remains the protection of client assets and maintaining the highest standards of security and transparency. We are proceeding with the same security-first rigor that guides all aspects of our operations and will continue to monitor for any developments.

‍

We are working closely with our partners across the industry to monitor the development of both the SwissBorg incident and the NPM vulnerability in real-time. We advise all of our customers and partners to conduct thorough security analysis of internal systems and vendors.

‍

We will share more insights if any new information is discovered. Please feel free to reach out to us if you have any further questions.